Re: R: Re: R: Re: Samba misconfiguration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/23/2011 04:52 PM, antonio montagnani wrote:
> Daniel J Walsh ha scritto / said the following    il giorno/on 
> 23/02/2011 22:18:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 02/23/2011 12:49 PM, antonio montagnani wrote:
>>> Craig White ha scritto / said the following    il giorno/on 22/02/2011
>>> 14:04:
>>>> On Mon, 2011-02-21 at 17:52 +0100, antonio.montagnani@xxxxxxxx wrote:
>>>>>
>>>>>> ----Messaggio originale----
>>>>>> Da: craigwhite@xxxxxxxxxxx
>>>>>> Data: 21-feb-2011
>>>>> 16.43
>>>>>> A:<users@xxxxxxxxxxxxxxxxxxxxxxx>
>>>>>> Ogg: Re: R: Re: Samba
>>>>> misconfiguration
>>>>>>
>>>>>> On Mon, 2011-02-21 at 17:38 +0100, antonio.montagnani@alice.
>>>>> it wrote:
>>>>>>>
>>>>>>
>>>>>>> I attach a log file of a test with samba trying to connect
>>>>> by smbclient...I
>>>>>>> am at a dead point.
>>>>>> ----
>>>>>> no ability to look at the log
>>>>> until much, much later.
>>>>>>
>>>>>> What is output of command...
>>>>>>
>>>>>> pdbedit -Lv antonio
>>>>>
>>>>>>
>>>>>> ?
>>>>>>
>>>>>> Craig
>>>>>>
>>>>>>
>>>>>> --
>>>>>> This message has been scanned for viruses and
>>>>>
>>>>>> dangerous content by MailScanner, and is
>>>>>> believed to be clean.
>>>>>>
>>>>>> --
>>>>>> users
>>>>> mailing list
>>>>>> users@xxxxxxxxxxxxxxxxxxxxxxx
>>>>>> To unsubscribe or change
>>>>> subscription options:
>>>>>> https://admin.fedoraproject.org/mailman/listinfo/users>Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>>>>>>
>>>>>    pdbedit -Lv antonio
>>>>> INFO: Current debug levels:
>>>>>     all: True/10
>>>>>     tdb:
>>>>> False/0
>>>>>     printdrivers: False/0
>>>>>     lanman: False/0
>>>>>     smb: False/0
>>>>>     rpc_parse:
>>>>> False/0
>>>>>     rpc_srv: False/0
>>>>>     rpc_cli: False/0
>>>>>     passdb: False/0
>>>>>     sam: False/0
>>>>>
>>>>>     auth: False/0
>>>>>     winbind: False/0
>>>>>     vfs: False/0
>>>>>     idmap: False/0
>>>>>     quota:
>>>>> False/0
>>>>>     acls: False/0
>>>>>     locking: False/0
>>>>>     msdfs: False/0
>>>>>     dmapi: False/0
>>>>>
>>>>> registry: False/0
>>>>> doing parameter server string = Samba Server Version %v
>>>>> doing
>>>>> parameter print command =
>>>>> doing parameter guest ok = yes
>>>>> doing parameter
>>>>> workgroup = workgroup
>>>>> doing parameter username map = /etc/samba/smbusers
>>>>> doing
>>>>> parameter security = user
>>>>> doing parameter lprm command =
>>>>> doing parameter max
>>>>> log size = 50
>>>>> doing parameter wins support = Yes
>>>>> doing parameter guest account
>>>>> = nfsnobody
>>>>> pm_process() returned Yes
>>>>> lp_servicenumber: couldn't find homes
>>>>>
>>>>> set_server_role: role = ROLE_STANDALONE
>>>>> Attempting to register new charset UCS-
>>>>> 2LE
>>>>> Registered charset UCS-2LE
>>>>> Attempting to register new charset UTF-16LE
>>>>>
>>>>> Registered charset UTF-16LE
>>>>> Attempting to register new charset UCS-2BE
>>>>>
>>>>> Registered charset UCS-2BE
>>>>> Attempting to register new charset UTF-16BE
>>>>>
>>>>> Registered charset UTF-16BE
>>>>> Attempting to register new charset UTF8
>>>>> Registered
>>>>> charset UTF8
>>>>> Attempting to register new charset UTF-8
>>>>> Registered charset UTF-8
>>>>>
>>>>> Attempting to register new charset ASCII
>>>>> Registered charset ASCII
>>>>> Attempting to
>>>>> register new charset 646
>>>>> Registered charset 646
>>>>> Attempting to register new
>>>>> charset ISO-8859-1
>>>>> Registered charset ISO-8859-1
>>>>> Attempting to register new
>>>>> charset UCS2-HEX
>>>>> Registered charset UCS2-HEX
>>>>> Substituting charset 'UTF-8' for
>>>>> LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8' for
>>>>> LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8' for
>>>>> LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8' for
>>>>> LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8' for
>>>>> LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8' for
>>>>> LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8' for
>>>>> LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Netbios name list:-
>>>>>
>>>>> my_netbios_names[0]="ACER"
>>>>> Attempting to register passdb backend ldapsam
>>>>>
>>>>> Successfully added passdb backend 'ldapsam'
>>>>> Attempting to register passdb
>>>>> backend ldapsam_compat
>>>>> Successfully added passdb backend 'ldapsam_compat'
>>>>>
>>>>> Attempting to register passdb backend NDS_ldapsam
>>>>> Successfully added passdb
>>>>> backend 'NDS_ldapsam'
>>>>> Attempting to register passdb backend NDS_ldapsam_compat
>>>>>
>>>>> Successfully added passdb backend 'NDS_ldapsam_compat'
>>>>> Attempting to register
>>>>> passdb backend smbpasswd
>>>>> Successfully added passdb backend 'smbpasswd'
>>>>>
>>>>> Attempting to register passdb backend tdbsam
>>>>> Successfully added passdb backend
>>>>> 'tdbsam'
>>>>> Attempting to register passdb backend wbc_sam
>>>>> Successfully added
>>>>> passdb backend 'wbc_sam'
>>>>> Attempting to find a passdb backend to match tdbsam
>>>>> (tdbsam)
>>>>> Found pdb backend tdbsam
>>>>> pdb backend tdbsam has a valid init
>>>>>
>>>>> tdbsam_open: successfully opened /var/lib/samba/private/passdb.tdb
>>>>>
>>>>> pdb_set_username: setting username antonio, was
>>>>> pdb_set_domain: setting domain
>>>>> ACER, was
>>>>> pdb_set_nt_username: setting nt username , was
>>>>> pdb_set_full_name:
>>>>> setting full name antonio, was
>>>>> Home server: acer
>>>>> Substituting charset 'UTF-8'
>>>>> for LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8'
>>>>> for LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8'
>>>>> for LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8'
>>>>> for LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8'
>>>>> for LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8'
>>>>> for LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> Substituting charset 'UTF-8'
>>>>> for LOCALE
>>>>> Substituting charset 'UTF-8' for LOCALE
>>>>> pdb_set_homedir: setting
>>>>> home dir \\acer\antonio, was
>>>>> pdb_set_dir_drive: setting dir drive , was NULL
>>>>>
>>>>> pdb_set_logon_script: setting logon script , was
>>>>> Home server: acer
>>>>>
>>>>> pdb_set_profile_path: setting profile path \\acer\antonio\profile, was
>>>>>
>>>>> pdb_set_workstations: setting workstations , was
>>>>> account_policy_get: name:
>>>>> password history, val: 0
>>>>> pdb_set_user_sid: setting user sid S-1-5-21-3734388162-
>>>>> 611009795-2949902601-1003
>>>>> pdb_set_user_sid_from_rid:
>>>>> 	setting user sid S-1-5-21-
>>>>> 3734388162-611009795-2949902601-1003 from rid 1003
>>>>> account_policy_get: name:
>>>>> maximum password age, val: -1
>>>>> Finding user antonio
>>>>> Trying _Get_Pwnam(),
>>>>> username as lowercase is antonio
>>>>> Get_Pwnam_internals did find user [antonio]!
>>>>>
>>>>> Opening cache file at /var/lib/samba/gencache.tdb
>>>>> Opening cache file at
>>>>> /var/lib/samba/gencache_notrans.tdb
>>>>> Cache entry with key = IDMAP/GID2SID/500
>>>>> couldn't be found
>>>>> gid_to_sid: winbind failed to find a sid for gid 500
>>>>> LEGACY:
>>>>> gid 500 ->   sid S-1-22-2-500
>>>>> account_policy_get: name: password history, val: 0
>>>>>
>>>>> pdb_set_username: setting username antonio, was
>>>>> pdb_set_domain: setting domain
>>>>> ACER, was
>>>>> pdb_set_nt_username: setting nt username , was
>>>>> pdb_set_full_name:
>>>>> setting full name antonio, was
>>>>> Home server: acer
>>>>> pdb_set_homedir: setting home
>>>>> dir \\acer\antonio, was
>>>>> pdb_set_dir_drive: setting dir drive , was NULL
>>>>>
>>>>> pdb_set_logon_script: setting logon script , was
>>>>> Home server: acer
>>>>>
>>>>> pdb_set_profile_path: setting profile path \\acer\antonio\profile, was
>>>>>
>>>>> pdb_set_workstations: setting workstations , was
>>>>> account_policy_get: name:
>>>>> password history, val: 0
>>>>> pdb_set_user_sid: setting user sid S-1-5-21-3734388162-
>>>>> 611009795-2949902601-1003
>>>>> pdb_set_user_sid_from_rid:
>>>>> 	setting user sid S-1-5-21-
>>>>> 3734388162-611009795-2949902601-1003 from rid 1003
>>>>> Returning expired cache
>>>>> entry: key = IDMAP/SID2GID/S-1-5-21-3734388162-611009795-2949902601-513, value
>>>>> = -1, timeout = Mon Feb 21 17:50:39 2011
>>>>> Adding cache entry with key =
>>>>> IDMAP/SID2GID/S-1-5-21-3734388162-611009795-2949902601-513 and timeout = Thu
>>>>> Jan  1 01:00:00 1970
>>>>>    (-1298307042 seconds in the past)
>>>>> winbind failed to find
>>>>> a gid for sid S-1-5-21-3734388162-611009795-2949902601-513
>>>>>
>>>>> lookup_global_sam_rid: looking up RID 513.
>>>>> pdb_getsampwrid (TDB): error looking
>>>>> up RID 513 by key RID_00000201.
>>>>> Can't find a unix id for an unmapped group
>>>>>
>>>>> LEGACY: mapping failed for sid S-1-5-21-3734388162-611009795-2949902601-513
>>>>>
>>>>> pdb_set_group_sid: setting group sid S-1-5-21-3734388162-611009795-2949902601-
>>>>> 513
>>>>> Unix username:        antonio
>>>>> NT username:
>>>>> Account Flags:
>>>>> [U          ]
>>>>> User SID:             S-1-5-21-3734388162-611009795-2949902601-
>>>>> 1003
>>>>> Primary Group SID:    S-1-5-21-3734388162-611009795-2949902601-513
>>>>> Full
>>>>> Name:            antonio
>>>>> Home Directory:       \\acer\antonio
>>>>> HomeDir
>>>>> Drive:
>>>>> Logon Script:
>>>>> Profile Path:
>>>>> \\acer\antonio\profile
>>>>> Domain:               ACER
>>>>> Account desc:
>>>>>
>>>>> Workstations:
>>>>> Munged dial:
>>>>> Logon time:           0
>>>>> Logoff
>>>>> time:          never
>>>>> Kickoff time:         never
>>>>> Password last set:    lun, 21
>>>>> feb 2011 16:17:06 CET
>>>>> account_policy_get: name: minimum password age, val: 0
>>>>>
>>>>> Password can change:  lun, 21 feb 2011 16:17:06 CET
>>>>> account_policy_get: name:
>>>>> maximum password age, val: -1
>>>>> Password must change: never
>>>>> Last bad password   :
>>>>> 0
>>>>> Bad password count  : 0
>>>>> Logon hours         :
>>>>> FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>>>> ----
>>>> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html
>>>>
>>>> specifically, this should help...
>>>>
>>>> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html#id2598404
>>>>
>>>> Fix your groups, make sure the user 'antonio' and the group he belongs
>>>> to have access to the directory/files in the share.
>>>>
>>>> Craig
>>>>
>>>>
>>>
>>> Craig
>>>
>>> I made an easy test, no other jobs done, booting with selinux=0, and
>>> magic samba is working.
>>>
>>> How do I debug the selinux policy, it is not a problem of Samba but of
>>> Selinux.
>>> What is wrong??
>>>
>>> Tnx
>>>
>> SELinux error messages are stored in /var/log/audit/audit.log, do you
>> have setroubleshoot installed.  Probably a labeling or boolean issue.
>>
>> Also look at
>>
>> man samba_selinux
>> -----BEGIN PGP SIGNATURE-----
>>
> 
> After my previous post, I went through man samba_selinux just after 
> dinner, and also samba.conf file, and I understood that I should have 
> done some homework on selinux labeling and so on :-) : What surprises me 
> that on a different box in my home selinux is enforced too, but samba is 
> working fine sharing folders, even if I didn't do my homework (i.e. no 
> tip&tricks).
> The real difference between these two machines is a fresh installation 
> of F14 (that is having these problems) and an F14 as update (when Samba 
> was installed Selinux had been disabled).
> 
> Set
> 
> What do you suggest?? not a problem at home as I am working with Fedora 
> only, a problem if I want share folders in a Windows environment (this 
> is a laptop)
> 
> When I try to connect to the to-be-shared folder I get (not completely sure)
> 
>> type=ANOM_ABEND msg=audit(1298497182.397:43): auid=500 uid=500 gid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=4107 comm="gvfsd-smb-brows" sig=6
>> type=USER_AUTH msg=audit(1298497753.618:44): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success'
>> type=USER_ACCT msg=audit(1298497753.618:45): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success'
>> type=USER_START msg=audit(1298497753.790:46): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success'
>> type=CRED_ACQ msg=audit(1298497753.790:47): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success'
>> type=USER_END msg=audit(1298497814.426:48): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success'
>> type=CRED_DISP msg=audit(1298497814.427:49): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success'
> 
> 
> Tnx a lot for help
> 
> Antonio M
> Skype: amontag52
> 
> Linux Fedora F14 (Laughlin) on Acer 5720
> 
> http://lugsaronno.altervista.org
> www.campingmonterosa.com
> www.studiodacolpaloschi.it
> 
> 
> 
Those are not error messages.

What directories are you trying to share?


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk1lh30ACgkQrlYvE4MpobNTGACdFfSkOK77go2SrvuKlBav8CwN
30sAoMAvGYchr+L1AsygqeyU8R0rSsCp
=K125
-----END PGP SIGNATURE-----
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux